I have a recurring idea that I believe could be of value in a number of
circumstances, and wanted to solicit feedback from the list before
attempting to build it.

My use-case would be a superset of something like WebMock which prevents
HTTP requests by monkey patching common libraries.

# anything on the network in this block raises an exception

In general, I suppose this could be mostly implemented by simply taking the
WebMock approach and monkey patching or refining common Socket operations.
I fear however that this wouldn't necessarily be comprehensive. At least C
extensions would easily bypass this, and perhaps already opened sockets
would still be usable within the block.

My ideas range from "a wrapper binary that uses LD_PATH to inject a syscall
interceptor" (which can be toggled on-and-off from Ruby); this seems
fraught with issues. Alternatively, leveraging TracePoint to catch a large
portion of the calls to libraries (this still leaves the C extension issue).

The concept here isn't for security, but to avoid developer mistakes by
doing a dynamic analysis on running code during tests, or even in
"production" code to ensure that "side-effects" are isolated to a few key
places in the code.

Possibly I'm trying to bend Ruby too far here, and would be better served
by a language that models effects comprehensively.

Does anyone on the list have suggestions?
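Added example, not part of the original message and not WebMock's code: the block-scoped guard described above, built by prepending hooks onto Ruby's socket classes, with a switch that shows the "already opened sockets" gap. NetworkGuard and its methods are hypothetical names, the UNIXSocket pair is a constructed stand-in for a connection opened before the block, and C extensions that make the socket syscalls themselves are not covered.

```ruby
require "socket"
# NetworkGuard and its methods are hypothetical names, not an existing gem.
module NetworkGuard
  class Violation < StandardError; end
  KEY = :network_guard_mode # fiber-local state: nil, :create or :all

  # open_sockets: false guards only socket creation, leaving the gap the
  # post describes; the default also guards sockets that are already open.
  def self.forbid(open_sockets: true)
    prev = Thread.current[KEY]
    Thread.current[KEY] = (open_sockets || prev == :all) ? :all : :create
    yield
  ensure
    Thread.current[KEY] = prev
  end

  def self.check!(kind, what)
    mode = Thread.current[KEY]
    raise Violation, "#{what} inside NetworkGuard.forbid" if mode == :all || mode == kind
  end

  module Creation # hooks constructors of new sockets
    def initialize(*args, **opts, &blk)
      NetworkGuard.check!(:create, "#{self.class}.new")
      super
    end
  end

  module Traffic # hooks I/O on existing sockets; the method list is a sample
    %i[write syswrite send read sysread readpartial recv].each do |name|
      define_method(name) do |*args, **opts, &blk|
        NetworkGuard.check!(:io, "#{self.class}##{name}")
        super(*args, **opts, &blk)
      end
    end
  end
end

# Install the hooks once, process-wide; they are inert outside forbid.
[Socket, TCPSocket, TCPServer, UDPSocket].each { |c| c.prepend(NetworkGuard::Creation) }
BasicSocket.prepend(NetworkGuard::Traffic)

a, b = UNIXSocket.pair # constructed stand-in for a connection opened earlier
NetworkGuard.forbid(open_sockets: false) { a.write("leak") } # not caught
puts b.readpartial(4)
begin
  NetworkGuard.forbid { a.write("nope") }
rescue NetworkGuard::Violation => e
  puts e.message
end
```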